Bitwarden

Name/description and runtime instructions align: the skill operates exclusively through the rbw CLI and declares rbw as the required binary. There are no unrelated requested binaries, env vars, or install steps.

SKILL.md instructs the agent to run rbw commands (login, unlock, list, get, add, sync) and to use tmux/pinentry-curses if interactive prompts are needed. It does not tell the agent to read other system files or unrelated environment variables. One ambiguous phrase—"rbw caches the session key in the agent"—should be clarified: the agent will handle interactive secrets (master password/2FA) and may hold session tokens for the CLI, which is expected but sensitive.

Instruction-only skill with no install spec and no external downloads — lowest-risk installation behavior. It relies on a preinstalled rbw binary (expected for this purpose).

The skill declares no required env vars. The instructions mention common supporting envs/tools (EDITOR, pinentry provider) which are appropriate for interacting with rbw but are not declared as required. No unrelated credentials or config paths are requested.

always:false (normal). The skill can be invoked autonomously by the agent (platform default). Because it enables access to a local password vault, autonomous invocation increases risk — consider whether you want the agent to access secrets without explicit user confirmation each time.